SR-MPLS-VPN-OPTION-C

Yang Li · ‎12-05-2023

I'm having some issues establishing VPNV4 neighbors between two RR routers

I hope you can help me solve this problem.

thanks

RP/0/0/CPU0:P1-RR#show bgp vpnv4 unicast summary
Tue Dec 5 11:26:33.927 UTC
BGP router identifier 172.16.1.3, local AS number 100
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0x0 RD version: 0
BGP main routing table version 79
BGP NSR Initial initsync version 1 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs

BGP is operating in STANDALONE mode.

Process RcvTblVer bRIB/RIB LabelVer ImportVer SendTblVer StandbyVer
Speaker 79 79 79 79 79 0

Neighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd
172.16.1.1 0 100 15576 15663 79 0 0 5d05h 2
172.16.1.4 0 100 14260 14364 79 0 0 5d05h 0
172.16.1.9 0 200 9955 9973 0 0 0 03:10:32 Active
172.16.1.20 0 100 14262 14361 79 0 0 5d05h 0

RP/0/0/CPU0:P1-RR#show bgp vpnv4 unicast
Tue Dec 5 11:26:37.167 UTC
BGP router identifier 172.16.1.3, local AS number 100
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0x0 RD version: 0
BGP main routing table version 79
BGP NSR Initial initsync version 1 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs

Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:100
*>i1.1.1.1/32 172.16.1.1 0 100 0 65001 i
*>i192.168.1.1/32 172.16.1.1 0 100 0 65001 i

Processed 2 prefixes, 2 paths
RP/0/0/CPU0:P1-RR#show mpls forwarding
Tue Dec 5 11:26:51.046 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
16017 Pop SR Pfx (idx 17) Gi0/0/0/1 10.1.78.1 37307
16019 Pop SR Pfx (idx 19) Gi0/0/0/2 10.1.89.2 7542
24011 Pop SR Adj (idx 1) Gi0/0/0/0 10.1.83.2 0
24012 Pop SR Adj (idx 3) Gi0/0/0/0 10.1.83.2 0
24013 Pop SR Adj (idx 1) Gi0/0/0/1 10.1.78.1 0
24014 Pop SR Adj (idx 3) Gi0/0/0/1 10.1.78.1 0
24015 Pop SR Adj (idx 1) Gi0/0/0/2 10.1.89.2 0
24016 Pop SR Adj (idx 3) Gi0/0/0/2 10.1.89.2 0

.ılı..ılı.
Cisco System
Pyhton
U got a dream, U gotta protect it

Harold Ritter · ‎12-05-2023

Hi @Yang Li ,

Can you please close/delete this request, as it is a duplicate you posted in the MPLS group.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Yang Li · ‎12-05-2023

Dear Mr @Harold Ritter

other Already deleted

.ılı..ılı.
Cisco System
Pyhton
U got a dream, U gotta protect it

Harold Ritter · ‎12-05-2023

Hi @Yang Li ,

You should close this one, as another one still exist.

https://community.cisco.com/t5/mpls/sr-mpls-vpn-%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7%E3%83%B3-c-%E3%81%AB%E9%96%A2%E3%81%99%E3%82%8B%E8%B3%AA%E5%95%8F/m-p/4972023#M25094

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

MHM Cisco World · ‎12-05-2023

Point to check

1- lo of PE and RR is redistrubte between two AS

2- RR using ebgp multihop

3- the asbr send label

MHM

Yang Li · ‎12-05-2023

thanks for your reminder Already done, you can see my configuration file above

.ılı..ılı.
Cisco System
Pyhton
U got a dream, U gotta protect it

Yang Li · ‎12-05-2023

!
router bgp 100
bgp router-id 172.16.1.3
address-family ipv4 unicast
!
address-family vpnv4 unicast
!
neighbor 172.16.1.1
remote-as 100
update-source Loopback0
address-family ipv4 unicast
route-reflector-client
!
address-family vpnv4 unicast
route-reflector-client
!
!
neighbor 172.16.1.4
remote-as 100
update-source Loopback0
address-family ipv4 unicast
route-reflector-client
!
address-family vpnv4 unicast
route-reflector-client
!
!
neighbor 172.16.1.6
remote-as 100
update-source Loopback0
address-family ipv4 unicast
route-reflector-client
!
!
neighbor 172.16.1.9
remote-as 200
ebgp-multihop 255
update-source Loopback0
address-family vpnv4 unicast
route-policy PASS in
route-policy PASS out
next-hop-unchanged
!
!
neighbor 172.16.1.20
remote-as 100
update-source Loopback0
address-family ipv4 unicast
route-reflector-client
!
address-family vpnv4 unicast
route-reflector-client
!
!
RP/0/0/CPU0:P1-RR#show bgp vpnv4 unicast summary
Wed Dec 6 06:10:17.068 UTC
BGP router identifier 172.16.1.3, local AS number 100
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0x0 RD version: 0
BGP main routing table version 79
BGP NSR Initial initsync version 1 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs

BGP is operating in STANDALONE mode.

Process RcvTblVer bRIB/RIB LabelVer ImportVer SendTblVer StandbyVer
Speaker 79 79 79 79 79 0

Neighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd
172.16.1.1 0 100 16700 16786 79 0 0 6d00h 2
172.16.1.4 0 100 15384 15487 79 0 0 5d23h 0
172.16.1.9 0 200 9955 9973 0 0 0 21:54:15 Active
172.16.1.20 0 100 15386 15484 79 0 0 5d23h 0

RP/0/0/CPU0:P1-RR#

.ılı..ılı.
Cisco System
Pyhton
U got a dream, U gotta protect it

MHM Cisco World · ‎12-05-2023

RPL you use to redistrubte bgp

If destination in c then

Can you more elaborate about this point

MHM

Yang Li · ‎12-05-2023

Below is the configuration of my ASBR AS100 AS200, please kindly check

My BGP establishes a relationship

VPNV4 AS-100-PE1-XRV17 > AS-100-RR-XRV17 > AS-200-RR-XRV21-AS-200-PE2-XRV27

EBGP（ipv4 labeled-unicast） AS-100-ASBR1-XRV19 >AS-200-ASBR3-XRV20

-------------------AS100-ASBR--------------

RP/0/0/CPU0:ASBR1#show running-config
Tue Dec 5 11:20:59.040 UTC
Building configuration...
!! IOS XR Configuration 6.3.1
!! Last configuration change at Tue Dec 5 08:14:26 2023 by root-system
!
hostname ASBR1
address-family ipv4 unicast
!
interface Loopback0
ipv4 address 172.16.1.5 255.255.255.255
!
interface MgmtEth0/0/CPU0/0
shutdown
!
interface GigabitEthernet0/0/0/0
ipv4 address 10.1.94.1 255.255.255.252
!
interface GigabitEthernet0/0/0/1
ipv4 address 10.1.89.2 255.255.255.252
!
interface GigabitEthernet0/0/0/2
ipv4 address 10.1.92.1 255.255.255.252
!
interface GigabitEthernet0/0/0/3
vrf a
ipv4 address 172.16.2.1 255.255.255.0
shutdown
!
interface GigabitEthernet0/0/0/4
shutdown
!
interface GigabitEthernet0/0/0/5
shutdown
!
interface GigabitEthernet0/0/0/6
shutdown
!
prefix-set c
172.16.1.9/32,
172.16.1.11/32
end-set
!
route-policy SID($SID)
set label-index $SID
end-policy
!
route-policy PASS
pass
end-policy
!
route-policy R-B-I
if destination in c then
pass
endif
end-policy
!
router static
address-family ipv4 unicast
10.1.92.2/32 GigabitEthernet0/0/0/2
!
!
router isis as100
is-type level-2-only
net 49.0001.0000.0000.5555.00
log adjacency changes
address-family ipv4 unicast
metric-style wide
redistribute bgp 100 level-2 route-policy R-B-I
segment-routing mpls sr-prefer
!
interface Loopback0
address-family ipv4 unicast
prefix-sid index 19
!
!
interface GigabitEthernet0/0/0/0
address-family ipv4 unicast
!
!
interface GigabitEthernet0/0/0/1
address-family ipv4 unicast
!
!
!
router bgp 100
bgp router-id 172.16.1.5
address-family ipv4 unicast
network 172.16.1.1/32 route-policy SID(17)
network 172.16.1.3/32 route-policy SID(18)
allocate-label all
!
neighbor 10.1.92.2
remote-as 200
address-family ipv4 labeled-unicast
route-policy PASS in
route-policy PASS out
!
!
!
mpls oam
!
segment-routing
global-block 16000 23999

-------------------AS200-ASBR--------------

User Access Verification

Username: root-system
Password:

RP/0/0/CPU0:ASBR3#show running-config
Tue Dec 5 11:24:04.147 UTC
Building configuration...
!! IOS XR Configuration 6.3.1
!! Last configuration change at Tue Dec 5 08:15:44 2023 by root-system
!
hostname ASBR3
interface Loopback0
ipv4 address 172.16.1.7 255.255.255.255
!
interface MgmtEth0/0/CPU0/0
shutdown
!
interface GigabitEthernet0/0/0/0
ipv4 address 10.1.25.1 255.255.255.252
!
interface GigabitEthernet0/0/0/1
ipv4 address 10.1.92.2 255.255.255.252
!
interface GigabitEthernet0/0/0/2
ipv4 address 10.1.21.1 255.255.255.252
!
interface GigabitEthernet0/0/0/3
shutdown
!
interface GigabitEthernet0/0/0/4
shutdown
!
interface GigabitEthernet0/0/0/5
shutdown
!
interface GigabitEthernet0/0/0/6
shutdown
!
prefix-set c
172.16.1.1/32,
172.16.1.3/32
end-set
!
route-policy SID($SID)
set label-index $SID
end-policy
!
route-policy PASS
pass
end-policy
!
route-policy B-T-I
if destination in c then
pass
endif
end-policy
!
router static
address-family ipv4 unicast
10.1.92.1/32 GigabitEthernet0/0/0/1
!
!
router isis as200
is-type level-2-only
net 48.0001.0000.0000.2020.00
address-family ipv4 unicast
metric-style wide
redistribute bgp 200 level-2 route-policy B-T-I
segment-routing mpls sr-prefer
!
interface Loopback0
address-family ipv4 unicast
prefix-sid index 20
!
!
interface GigabitEthernet0/0/0/0
address-family ipv4 unicast
!
!
interface GigabitEthernet0/0/0/2
address-family ipv4 unicast
!
!
!
router bgp 200
bgp router-id 172.16.1.7
address-family ipv4 unicast
network 172.16.1.9/32 route-policy SID(21)
network 172.16.1.11/32 route-policy SID(27)
allocate-label all
!
neighbor 10.1.92.1
remote-as 100
address-family ipv4 labeled-unicast
route-policy PASS in
route-policy PASS out
!
!
!
mpls oam
!
segment-routing
global-block 16000 23999
!
end

RP/0/0/CPU0:ASBR3#
RP/0/0/CPU0:ASBR3#show running-config
Tue Dec 5 11:24:19.626 UTC
Building configuration...
!! IOS XR Configuration 6.3.1
!! Last configuration change at Tue Dec 5 08:15:44 2023 by root-system
!
hostname ASBR3
interface Loopback0
ipv4 address 172.16.1.7 255.255.255.255
!
interface MgmtEth0/0/CPU0/0
shutdown
!
interface GigabitEthernet0/0/0/0
ipv4 address 10.1.25.1 255.255.255.252
!
interface GigabitEthernet0/0/0/1
ipv4 address 10.1.92.2 255.255.255.252
!
interface GigabitEthernet0/0/0/2
ipv4 address 10.1.21.1 255.255.255.252
!
interface GigabitEthernet0/0/0/3
shutdown
!
interface GigabitEthernet0/0/0/4
shutdown
!
interface GigabitEthernet0/0/0/5
shutdown
!
interface GigabitEthernet0/0/0/6
shutdown
!
prefix-set c
172.16.1.1/32,
172.16.1.3/32
end-set
!
route-policy SID($SID)
set label-index $SID
end-policy
!
route-policy PASS
pass
end-policy
!
route-policy B-T-I
if destination in c then
pass
endif
end-policy
!
router static
address-family ipv4 unicast
10.1.92.1/32 GigabitEthernet0/0/0/1
!
!
router isis as200
is-type level-2-only
net 48.0001.0000.0000.2020.00
address-family ipv4 unicast
metric-style wide
redistribute bgp 200 level-2 route-policy B-T-I
segment-routing mpls sr-prefer
!
interface Loopback0
address-family ipv4 unicast
prefix-sid index 20
!
!
interface GigabitEthernet0/0/0/0
address-family ipv4 unicast
!
!
interface GigabitEthernet0/0/0/2
address-family ipv4 unicast
!
!
!
router bgp 200
bgp router-id 172.16.1.7
address-family ipv4 unicast
network 172.16.1.9/32 route-policy SID(21)
network 172.16.1.11/32 route-policy SID(27)
allocate-label all
!
neighbor 10.1.92.1
remote-as 100
address-family ipv4 labeled-unicast
route-policy PASS in
route-policy PASS out
!
!
!
mpls oam
!
segment-routing
global-block 16000 23999
!
end

.ılı..ılı.
Cisco System
Pyhton
U got a dream, U gotta protect it

Yang Li · ‎12-05-2023

My BGP establishes a relationship VPNV4 AS-100-PE1-XRV17 > AS-100-RR-XRV17 > AS-200-RR-XRV21-AS-200-PE2-XRV27 EBGP（ipv4 labeled-unicast） AS-100-ASBR1-XRV19 >AS-200-ASBR3-XRV20

.ılı..ılı.
Cisco System
Pyhton
U got a dream, U gotta protect it

MHM Cisco World · ‎12-05-2023

redistribute bgp 100 level-2 route-policy R-B-I <<- remove this policy from both ASBR and check

MHM

Yang Li · ‎12-05-2023

This policy has been removed by both ASRBs, but it doesn't seem to work

RP/0/0/CPU0:P1-RR#show bgp vpnv4 unicast summary
Wed Dec 6 07:07:55.201 UTC
BGP router identifier 172.16.1.3, local AS number 100
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0x0 RD version: 0
BGP main routing table version 79
BGP NSR Initial initsync version 1 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs

BGP is operating in STANDALONE mode.

Process RcvTblVer bRIB/RIB LabelVer ImportVer SendTblVer StandbyVer
Speaker 79 79 79 79 79 0

Neighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd
172.16.1.1 0 100 16757 16844 79 0 0 6d01h 2
172.16.1.4 0 100 15441 15545 79 0 0 6d00h 0
172.16.1.9 0 200 9955 9973 0 0 0 22:51:53 Active
172.16.1.20 0 100 15443 15542 79 0 0 6d00h 0

RP/0/0/CPU0:P1-RR#

.ılı..ılı.
Cisco System
Pyhton
U got a dream, U gotta protect it

Yang Li · ‎12-05-2023

I can see 172.16.1.9 from AS200 rr loo0 interface IP in RR
but can not ping
RP/0/0/CPU0:P1-RR#ping 192.168.1.9 source 172.16.1.3
Wed Dec 6 07:11:28.147 UTC
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.9, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
RP/0/0/CPU0:P1-RR#show route i
ipv4 ipv6 isis
RP/0/0/CPU0:P1-RR#show route isis
Wed Dec 6 07:11:45.846 UTC

i L2 10.1.23.0/30 [115/20] via 10.1.83.2, 3d02h, GigabitEthernet0/0/0/0
i L2 10.1.34.0/30 [115/20] via 10.1.83.2, 3d02h, GigabitEthernet0/0/0/0
i L2 10.1.72.0/30 [115/20] via 10.1.78.1, 01:21:56, GigabitEthernet0/0/0/1
i L2 10.1.94.0/30 [115/20] via 10.1.89.2, 1d00h, GigabitEthernet0/0/0/2
i L2 172.16.1.1/32 [115/20] via 10.1.78.1, 01:21:56, GigabitEthernet0/0/0/1
i L2 172.16.1.4/32 [115/20] via 10.1.83.2, 3d02h, GigabitEthernet0/0/0/0
i L2 172.16.1.5/32 [115/20] via 10.1.89.2, 1d00h, GigabitEthernet0/0/0/2
i L2 172.16.1.6/32 [115/30] via 10.1.89.2, 01:21:58, GigabitEthernet0/0/0/2
[115/30] via 10.1.83.2, 01:21:58, GigabitEthernet0/0/0/0
i L2 172.16.1.9/32 [115/10] via 10.1.89.2, 00:05:03, GigabitEthernet0/0/0/2
i L2 172.16.1.11/32 [115/10] via 10.1.89.2, 00:05:03, GigabitEthernet0/0/0/2
i L2 172.16.1.20/32 [115/30] via 10.1.78.1, 01:21:56, GigabitEthernet0/0/0/1
[115/30] via 10.1.83.2, 01:21:56, GigabitEthernet0/0/0/0
RP/0/0/CPU0:P1-RR#

.ılı..ılı.
Cisco System
Pyhton
U got a dream, U gotta protect it

Harold Ritter · ‎12-06-2023

Hi @Yang Li ,

You are using the wrong address for the ping. It should be as follow:

ping 172.16.1.9 source 172.16.1.3

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México